6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
51.3%
openssl:edge is vulnerable of Out-of-bounds Write. The vulnerability due to the application state might be corrupted with various application dependent consequences when returning to the caller. It allows an attacker could get complete control of the application process which leads to denial of service.
www.openwall.com/lists/oss-security/2024/03/11/1
github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35
github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04
github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.17/main.yaml
secdb.alpinelinux.org/v3.18/main.yaml
secdb.alpinelinux.org/v3.19/main.yaml
security.netapp.com/advisory/ntap-20240216-0009/
security.netapp.com/advisory/ntap-20240426-0008/
security.netapp.com/advisory/ntap-20240426-0013/
security.netapp.com/advisory/ntap-20240503-0011/
www.openssl.org/news/secadv/20240109.txt
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
51.3%